In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
Make an impact every day with Trust, Data and Resilience (TDR) Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience. These are challenges that impact our clients globally. Our TDR team develops the platforms, drives the processes and builds partnerships to benefit millions of people every day. They thrive in providing solutions to complex issues, devote time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. TDR chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.
Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators and achievers. With us, you'll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.
The Role Responsibilities The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Operating Officer (COO), the Office of the CISO serves as the first line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework and for instilling a culture of cyber security within the Bank.
The Office of the CISO is central to ensuring the Bank's ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.
The Global Head of TPSR leads the third-party security risk assessment program within the Bank. The program plays a central role across the Bank in managing vendor risk by implementing a standardized data risk security assessment to third parties.
Significant transformation is underway within the Third Party Security Risk function to rapidly improve the Group's Cyber, Data, Privacy and Automation control environment, along with digitization and innovation, and to collaborate with different areas of the bank that are responsible for vendor management to build integration of third party data security risk into the wider bank vendor management process.
To support the TPSR transformation agenda in growing trust with clients and regulators, a Head of Risk Governance role has been created in Singapore to develop and implement best practice risk management processes, governance, and planning across Third Party Security Risk.
The successful candidate will have a solid understanding of information security, third party risk management and supply chain management. In addition, the successful candidate will work closely with the Global Head of ICS Governance, and Risk to ensure policies and procedures related to TPSR meet internal and regulatory policy requirements. As a representative of the "first line of defence" the position supports the appropriate design, implementation, and/or execution of the TPSR framework Risk Management
Continuously improve the operational efficiency and effectiveness of risk & control management and oversight processes.
Develop and maintain enterprise governance frameworks, standards and practices relating to risk governance and effectively implement them.
Design and maintain internal processes that allow Global Head TPSR to dynamically monitor risk, controls and their effectiveness.
Responsible for the preparation of risk related papers suitable for timely deliver at GNFRC, MT or other senior forums
Instrumental in the planning, preparation and tracking of any TPSR related Risk Acceptance papers
Oversee all TPSR controls and corresponding CSTs, KCIs and KRIs on a periodic basis.
Act quickly and decisively when any risk and / or control weaknesses becomes apparent and ensure they are addressed within an appropriate timeframe and escalated through the relevant committees.
Ensure that all documented Risks have ownership, agreement of facts, actions assigned and are managed to timely completion.
Drive the internal risk management planning agenda and delivery.
Develop and maintain a conduct risk management plan, supporting the identification and management of all TPSR conduct risks.
Responsible for COO TDR related TPSR Risk Assessment forum materials and deliverables.
Responsible for preparing all Group ICS Risk Oversight forum materials
Prepare risk management related procedures as required
Work with other risk & control teams to drive efficiency, effectiveness and reduce duplication.
Work closely with supply chain and vendor management functions within the bank (Global Sourcing, Legal, Compliance, Business Contract Managers, etc.) on third party security risk related risk initiatives
Establish strong ties into the relevant business lines governance, risk and control committees to ensure adequate monitoring, tracking and governance of the TPSR function.
Development, implementation and maintenance of a management information, analysis and reporting framework that supports and informs timely and effective decision making at all levels.
Tracking and reporting of risk acceptances and their outputs to ensure oversight and escalation mechanisms are in place.
Provide timely and accurate reporting to appropriate committees.
Setup and run a TPSR management team Risk Forum to ensure all risk activities are managed for quality and timely completion and to ensure that domain owner, process owners and risk owners are fully informed of activities in their space.
Represent Risk Management on corporate or enterprise-wide projects or policy initiatives impacting or governing risk governance and control
Work closely with the Global Head, Third Party Security Risk to delivery key strategic initiatives. This could be either by direct involvement / delivery of initiatives or supporting the team with specific assignments.
Provide robust challenge and escalation to senior management and all relevant business/function/region stakeholders to ensure activities achieve risk reduction.
Drive consistent methodology, tools, processes & standardised templates for Third Party Security Risk as part of their Conduct, Risk & Control agenda.
Maintain and update documentation on risk and control processes.
Perform coordination for Regulatory Requests for Information across Third Party Security Risk engaging with multiple-parties.
Perform administrative activities to support risk and control processes put in place.
Regularly share lessons learnt and best practice in a timely manner across a wide-ranging stakeholder group within businesses/functions.
People and Talent
Provide proactive self-orienting and self-motivating leadership, and work with limited direction.
Provide strong leadership, management and coaching over colleague(s).
Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with risk and control partners.
Regulatory & Business Conduct
Display exemplary conduct and live by the Group's Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Global Head, Third Party Security Risk
Global Head of Control, Trust, Data & Automation
Head of Operations, Data Management & Privacy
Global Head, Resilience
Accountable Executive, ICS TRP
Global Head of Operations, ICS
Global Head of Operations, Lean Digital, Data Analytics & Automation
Global Head, Cyber Security Services
Global Head, Training & Awareness
Our Ideal Candidate
Advanced knowledge and experience in compliance, risk and governance roles
Bachelor / Honours Degree (Information Technology, Computer Science or Cyber Security) Preferred (but not essential).
Defining methodology, tools, processes and standardised templates for Risk & Control Management and oversight
Strong background in implementing and assessing both business & technology risks and controls
Excellent organisation skills with the ability to manage multiple deadlines and effectively prioritise
Analytical and independent thinker with strong written and verbal communication skills
Experience of delivering transformation / project initiatives
Resourceful and creative in presenting information
To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.
About Standard Chartered We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.